OpenPKG Security Advisory
OpenPKG-SA-2004.002
Publisher Name: OpenPKG GmbH Publisher Home: http://openpkg.com/ Advisory Id (public): OpenPKG-SA-2004.002 Advisory Type: OpenPKG Security Advisory (SA) Advisory Directory: http://openpkg.com/go/OpenPKG-SA Advisory Document: http://openpkg.com/go/OpenPKG-SA-2004.002 Advisory Published: 2009-07-04 12:38 UTC Issue Id (internal): OpenPKG-SI-20040116.01 Issue First Created: 2004-01-16 Issue Last Modified: 2006-11-28 Issue Revision: 07
Subject Name: tcpdump Subject Summary: Network Packet Dumping Tool Subject Home: http://www.tcpdump.org/ Subject Versions: * <= 3.8.1 Vulnerability Id: CVE-2002-0380, CVE-2002-1350, CVE-2003-0108, CVE-2003-0989, CVE-2003-1029, CVE-2004-0055, CVE-2004-0057 Vulnerability Scope: global (not OpenPKG specific) Attack Feasibility: run-time Attack Vector: remote network Attack Impact: denial of service Description: A bunch of vulnerabilities in tcpdump [0] were found and addressed in the past. All of them are in the area of packet decoding. Faulty decoder functions can result in denial of service attacks through infinite loops, memory starvation and application crashes. In the worst case arbitrary code execution is possible. This OpenPKG update resolves all issues currently known, as shown in the following table: tcpdump 371 371 372 381 OpenPKG 120 121 130 20020822 --- --- --- --- CVE-2002-0380 [2] nfs X - - - see past OpenPKG-SA [1] CVE-2002-1350 [3] bgp X - - - see past OpenPKG-SA [1] CVE-2003-0108 [4] isakmp X - - - see past OpenPKG-SA [1] depth X X X - (*) CVE-2003-0989 [5] isakmp X X X - updates CVE-2003-0108-isakmp CVE-2003-1029 [6] l2tp X X - - CVE-2004-0055 [7] radius X X X X CVE-2004-0057 [8] isakmp X X X X (*) the vendor code fix for CVE-2003-0108 had two other unrelated code changes piggybacked. We removed the cosmetics (constify) and extracted an enhancement (depth). References: [0] http://www.tcpdump.org/ [1] http://www.openpkg.org/security/OpenPKG-SA-2003.014-tcpdump.html [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0380 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1350 [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0108 [5] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0989 [6] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1029 [7] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0055 [8] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0057 [9] http://www.openpkg.org/tutorial.html#regular-source [10] http://www.openpkg.org/tutorial.html#regular-binary [11] ftp://ftp.openpkg.org/release/1.2/UPD/tcpdump-3.7.1-1.2.2.src.rpm [12] ftp://ftp.openpkg.org/release/1.3/UPD/tcpdump-3.7.2-1.3.1.src.rpm [13] ftp://ftp.openpkg.org/release/1.2/UPD/ [14] ftp://ftp.openpkg.org/release/1.3/UPD/ [15] http://www.openpkg.org/security.html#signature
Primary Package Name: tcpdump Primary Package Home: http://openpkg.org/go/package/tcpdump Affected Distribution: Affected Branch: Affected Package: OpenPKG Community 1.2-SOLID tcpdump-3.7.1-1.2.1 OpenPKG Community 1.3-SOLID tcpdump-3.7.2-1.3.0 OpenPKG Community CURRENT tcpdump-3.8.1-20040108 Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Community 1.2-SOLID tcpdump-3.7.1-1.2.2 OpenPKG Community 1.3-SOLID tcpdump-3.7.2-1.3.1 OpenPKG Community CURRENT tcpdump-3.8.1-20040116
